This is a great example of the perfect storm of variables coming together to cause performance issues. I will start from the beginning: a client was complaining about performance issues. Specifically, the symptom was that the computer seemed to freeze or stutter at random times. During the initial meeting, I found out that this issue had been around since day one and that all the computers were based on a ‘standard image’. This is when my standard workflow pays off. I treated this like any other troubleshooting engagement. The first step is to get a boot-up and login baseline. The boot-up and login will identify the protocols in use as well as the servers that the client communicates with. With this information, I may be able to identify some areas for configuration optimization. I used a ProfiShark 1G tap that was USB-connected to my computer (https://www.profitap.com/profishark-1g).
Read the full article for free when it's posted at:
Here I review some of the common hrping functions: -i, -r and -w.
I also explain what the errors and dev mean when you get your hrping results.
Enjoy
...
https://www.youtube.com/watch?v=rYfAe0JTFjY
I was part of Viavi's Wireshark week, where other presenters and I shared tips and tricks.
My session covered application troubleshooting, base-lining and dependency analysis.
Each session is one each and completely free.
https://observer.viavisolutions.com/wireshark-week/
...
https://www.youtube.com/watch?v=JYBmd4-89WI
Here I run through the basics of using Homedale, a free Windows-based utility to troubleshoot or monitor your Wi-Fi signal.
...
https://www.youtube.com/watch?v=y_k475wYErc
Read the full article when it's posted at networkdatapedia.com
Whenever I get a chance I always capture broadcast and multicast packets.
I figure out a great deal about the network and host configurations as well as possible tuning recommendations. When I show clients what I find by just capturing ‘idle’ traffic they are typically amazed and ask how I figured it out.
...
https://www.youtube.com/watch?v=_SPbcwMg9CE
Many of you are probably familiar with packet capture tools like Wireshark, but how many times have you wanted to play back that trace file? Here's where Bittwist comes in.
Bittwist is an open source, portable traffic generator. The zip file also includes bittwiste for packet editing, but I won't be covering that topic in this video.
I use this play back feature when I'm testing how tools report certain things. For example, in this video I use Fluke Networks Optiview XG and want to see how it identifies IPX. I also used it to identify OSPF, but didn't cover that protocol in the video.
In summary, the tool simply requires you to provide the interface to transmit on as well as the filename. Of course there are many other options, like --m, which ignores the inter-packet delta time and blasts all the packets out ASAP.
Enjoy
Linkedin Profile http://ca.linkedin.com/in/fortunat
Lovemytool Blog: http://www.lovemytool.com/blog/tony-fortunato/
Youtube Channel: http://www.youtube.com/user/thetechfirm
Google Plus: http://plus.google.com/+Thetechfirmplus
...
https://www.youtube.com/watch?v=4yY17i6FSgE
How To Convert A Wireshark Trace To Open Office Graph
The hardest technique to master with protocol analysis is spotting a pattern, or to be more precise a change in pattern. A break in pattern may explain a performance issue, disconnection or application anomaly.
For example, it can be extremely difficult to look at a trace file and determine when throughput dropped or latency jumped up. Wireshark has a graphing facility, but many times I want to do something specific or change the chart format.
I have shown analysts how to import a Wireshark trace file to Excel but get many requests asking how to do this with an open source spreadsheet. In this article I chose Open Office’s Calc and walk you through how to import a trace file and create a
Read the full article for free when it's posted on Network Computing Blog: https://www.networkcomputing.com/author/tony-fortunato
...
https://www.youtube.com/watch?v=hbTg26Ruy0s
As a network professional, I am typically asked to assist in troubleshooting issues that don’t seem to be clearly a server, client or network issue.
When I’m troubleshooting, I’m always trying to gather just the right balance of data without becoming overwhelmed with too much to analyze.
The first thing I do is get visibility into the network equipment via SNMP and logs with either the client’s system or my tools. Since issues typically involve a client and minimally a server, I also try to get a client contact who can gather this information.
As you might suspect, the biggest issue I encounter as an external consultant is access to devices. Don’t get me wrong, I’m not expecting anyone to give me administrator passwords to servers or clients, unless they are test systems in a lab.
That’s where my little tip comes in.
In some cases, I can get SNMP/WMI enabled on the client to give me more visibility. There are many tools out there that can use SNMP/WMI to perform system queries or monitor running services or applications to assist with troubleshooting. By using SNMP, I don’t need the client’s login credentials.
Ideally, if I can get the same for the server, great; if not, many customers already have server monitoring solutions that I can leverage.
In this video, I show you how to enable SNMP on a Windows 8.1 system.
Enjoy
...
https://www.youtube.com/watch?v=H_aNqlvz3Lo
Tons more info at www.thetechfirm.com
I’m one of those guys who looks at the Wireshark release notes. Release notes are usually about bug fixes and protocol updates, but every so often they contain a gem.
When Wireshark 4 came out, there was all sorts of chatter about new features, etc. After reading about the features, I soon realized that many of them were helpful for more seasoned Wireshark users who would figure them out or stumble upon them on their own.
One display filter tip that I thought was helpful was a more efficient way to search for multiple values.
...
https://www.youtube.com/watch?v=EAljq9LAkDo